28 lines
1.7 KiB
Bash
28 lines
1.7 KiB
Bash
#!/bin/bash
|
|
|
|
mkdir -p pki
|
|
|
|
# Generate Root Certificate and Key
|
|
openssl req -newkey rsa:2048 -nodes -keyout pki/ca.key -x509 -days 3650 -out pki/ca.cer -subj "/C=JP/ST=A/L=A/CN=Taito Arcade Machine CA"
|
|
# -addext "subjectAltName = DNS:cert.nesys.jp,DNS:cert3.nesys.jp,DNS:data.nesys.jp,DNS:proxy.nesys.jp,DNS:nesys.taito.co.jp,DNS:fjm170920zero.nesica.net"
|
|
|
|
# Generate Nesys CSR and key
|
|
openssl req -newkey rsa:2048 -nodes -keyout pki/nesys.key -out pki/nesys.csr -subj "/C=JP/ST=A/L=A/CN=nesys"
|
|
# -addext "subjectAltName = DNS:cert.nesys.jp,DNS:cert3.nesys.jp,DNS:data.nesys.jp,DNS:proxy.nesys.jp,DNS:nesys.taito.co.jp,DNS:fjm170920zero.nesica.net" -days 3650
|
|
|
|
# Generate Nesys cert
|
|
openssl x509 -req -sha256 -days 3650 -in pki/nesys.csr -CA pki/ca.cer -CAkey pki/ca.key -out pki/nesys.cer -set_serial 0
|
|
|
|
# Generate client CSR and key
|
|
openssl req -newkey rsa:2048 -nodes -keyout pki/PREMIUM.key -out pki/PREMIUM.csr -subj "/C=JP/ST=A/L=A/CN=PREMIUM"
|
|
#-addext "subjectAltName = DNS:cert.nesys.jp,DNS:cert3.nesys.jp,DNS:data.nesys.jp,DNS:proxy.nesys.jp,DNS:nesys.taito.co.jp,DNS:fjm170920zero.nesica.net"
|
|
|
|
# Generate client cert
|
|
openssl x509 -req -sha256 -days 3650 -in pki/PREMIUM.csr -CA pki/nesys.cer -CAkey pki/nesys.key -out pki/PREMIUM.cer -set_serial 0
|
|
|
|
# Generate server cert and key
|
|
openssl req -newkey rsa:2048 -nodes -keyout pki/server.key -out pki/server.csr -subj "/C=JP/ST=A/L=A/CN=*.nesys.jp"
|
|
openssl x509 -req -sha256 -days 3650 -in pki/server.csr -CA pki/nesys.cer -CAkey pki/nesys.key -out pki/server.cer -set_serial 0
|
|
|
|
# Pack the nesys CA and key into a p12
|
|
openssl pkcs12 -export -in pki/PREMIUM.cer -inkey pki/PREMIUM.key -certfile pki/nesys.cer -name "Nesica" -out pki/cert.p12 |